Spike PHP Security Audit Tool is a tool that performs a static analysis of PHP code for security exploits.
|Tags||Software Development Debuggers Libraries php classes Quality Assurance Testing|
|Operating Systems||Windows OS Independent POSIX Linux Unix|
Release Notes: Modified to be PHP 4 friendly. A few functions have been added to the knowledge base: extract, shell_exec, pcntl_exec, and exec. The organization of the knowledge base file (vuln_db.xml) has been slightly improved. The _getAllPhpFiles function may miss a few (unverified). The tokenizer needs to be able to differentiate between a native function call and class method call of the same name, i.e. mail() and $class->mail().
No changes have been submitted for this release.